Skip to content

Commit

Permalink
Allow fetching recent logs from the OS over HID
Browse files Browse the repository at this point in the history
  • Loading branch information
AlCutter committed Mar 13, 2024
1 parent 90eb1cb commit 40b8e51
Show file tree
Hide file tree
Showing 9 changed files with 46 additions and 1 deletion.
2 changes: 2 additions & 0 deletions api/api.go
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,8 @@ const (
U2FHID_ARMORY_OTA
// Set HAB fuse to built-in SRK hash
U2FHID_ARMORY_HAB
// Fetch latest logs
U2FHID_ARMORY_LOGS
)

var emptyResponse []byte
Expand Down
9 changes: 9 additions & 0 deletions cmd/witnessctl/api.go
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,15 @@ func (d Device) hab() error {
return nil
}

func (d Device) logs() (string, error) {
buf, err := d.u2f.Command(api.U2FHID_ARMORY_LOGS, nil)
if err != nil {
return "", err
}

return string(buf), nil
}

func (d Device) sendUpdateHeader(signature []byte, total int) (err error) {
update := &api.AppletUpdate{
Total: uint32(total),
Expand Down
11 changes: 11 additions & 0 deletions cmd/witnessctl/witnessctl.go
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,7 @@ type Config struct {
hidPath string

status bool
logs bool
hab bool

otaELF string
Expand All @@ -79,6 +80,7 @@ func init() {

flag.StringVar(&conf.hidPath, "d", "", "HID path of witness device to act upon (use -s to list devices)")
flag.BoolVar(&conf.status, "s", false, "get witness status")
flag.BoolVar(&conf.logs, "l", false, "get witness logs")
flag.BoolVar(&conf.hab, "H", false, "set HAB fuses")
flag.StringVar(&conf.otaELF, "o", "", "trusted applet payload")
flag.StringVar(&conf.otaSig, "O", "", "trusted applet signature")
Expand Down Expand Up @@ -160,6 +162,15 @@ func main() {
}
log.Printf("%s\n\n", s.Print())
}
case conf.logs:
for _, d := range conf.devs {
log.Printf("👁️‍🗨️ @ %s", d.usb.Path)
s, err := d.logs()
if err != nil {
log.Printf("Failed to get status on %q: %c", d.usb.Path, err)
}
log.Printf("%s\n\n", s)
}
case len(conf.otaELF) > 0 || len(conf.otaSig) > 0:
if len(conf.devs) != 1 {
log.Fatal("Please specify which device to OTA using -d")
Expand Down
1 change: 1 addition & 0 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ require (
github.com/mattn/go-runewidth v0.0.15 // indirect
github.com/pierrec/lz4/v4 v4.1.14 // indirect
github.com/rivo/uniseg v0.2.0 // indirect
github.com/smallnest/ringbuffer v0.0.0-20230728150354-35801fa39d0e // indirect
github.com/stretchr/testify v1.8.2 // indirect
github.com/transparency-dev/formats v0.0.0-20230920083814-0f75b1d4e813 // indirect
github.com/u-root/u-root v0.11.0 // indirect
Expand Down
2 changes: 2 additions & 0 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,8 @@ github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
github.com/smallnest/ringbuffer v0.0.0-20230728150354-35801fa39d0e h1:KHiRfgBfn0d3lv2kXs4iayASb6TdInNNIHe75zX0sqg=
github.com/smallnest/ringbuffer v0.0.0-20230728150354-35801fa39d0e/go.mod h1:mXcZNMJHswhQDDJZIjdtJoG97JIwIa/HdcHNM3w15T0=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
Expand Down
4 changes: 4 additions & 0 deletions trusted_os/console.go
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,10 @@ func printk(c byte) {
// ensure that any serial output is supressed before UART2 disabling
}

func getLogs() []byte {
return nil
}

func inspect(buf []byte, _ any) error {
return nil
}
Expand Down
4 changes: 4 additions & 0 deletions trusted_os/ctl.go
Original file line number Diff line number Diff line change
Expand Up @@ -154,6 +154,10 @@ func (ctl *controlInterface) HAB(_ []byte) []byte {
return api.EmptyResponse()
}

func (ctl *controlInterface) Logs(_ []byte) (res []byte) {
logs := getLogs()
return []byte(logs)
}
func (ctl *controlInterface) Start() {
device := &usb.Device{}
serial := fmt.Sprintf("%X", imx6ul.UniqueID())
Expand Down
10 changes: 9 additions & 1 deletion trusted_os/debug.go
Original file line number Diff line number Diff line change
Expand Up @@ -30,14 +30,16 @@ import (
usbarmory "github.com/usbarmory/tamago/board/usbarmory/mk2"
"github.com/usbarmory/tamago/soc/nxp/usb"

"github.com/usbarmory/GoTEE/monitor"
usbserial "github.com/usbarmory/imx-usbserial"

"github.com/usbarmory/GoTEE/monitor"
"github.com/smallnest/ringbuffer"
)

const debug = true

var serial *usbserial.UART
var logBuffer *ringbuffer.RingBuffer

func init() {
// TODO(al): Probably want to reinstate this check after wave0!
Expand All @@ -46,17 +48,23 @@ func init() {
panic("fatal error, debug firmware not allowed on secure booted units")
}
*/
logBuffer = ringbuffer.New(1 << 20)
}

//go:linkname printk runtime.printk
func printk(c byte) {
usbarmory.UART2.Tx(c)
logBuffer.WriteByte(c)

if serial != nil {
serial.WriteByte(c)
}
}

func getLogs() []byte {
return logBuffer.Bytes()
}

func configureUART(device *usb.Device) (err error) {
if LAN == nil {
return
Expand Down
4 changes: 4 additions & 0 deletions trusted_os/usb_hid.go
Original file line number Diff line number Diff line change
Expand Up @@ -121,5 +121,9 @@ func configureHID(device *usb.Device, ctl *controlInterface) (err error) {
return
}

if err = hid.AddMapping(api.U2FHID_ARMORY_LOGS, ctl.Logs); err != nil {
return
}

return
}

0 comments on commit 40b8e51

Please sign in to comment.